示例#1
0
 def testGoogleDocFetchKey(self):
     '''Attempt to retrieve key via HTTP file download via Google Docs'''
     keyURL = "https://docs.google.com/uc?id=0ByJYdR0YE41yNDg2ZTkzYTItNmJjNC00YTgwLTkyYzctZTNiMzAwYzhjYTdh&export=download&hl=en"
     fetchedKeys = util.fetchkeys(keyURL)
     assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
     
     self.checkKey(fetchedKeys[0], keysource="Google Doc source key")
示例#2
0
 def testHTTPFetchKey(self):
     '''Attempt to retrieve key via HTTP GET that is a part of a file download request'''
     keyURL = "http://sites.google.com/site/learningregistrytestdata/home/single-public-pgp-key/key0xA8A790EA220403B7.asc?attredirects=0&d=1"
     fetchedKeys = util.fetchkeys(keyURL)
     assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
     
     self.checkKey(fetchedKeys[0], keysource="HTTP Download sourced key")
示例#3
0
 def testSKSFetchKey(self):
     '''Attempt to retrieve key via HTTP GET from SKS keyserver'''
     keyURL = "http://pool.sks-keyservers.net:11371/pks/lookup?op=get&search=0xA8A790EA220403B7"
     fetchedKeys = util.fetchkeys(keyURL)
     assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
     
     self.checkKey(fetchedKeys[0], keysource="SKS source key")
示例#4
0
 def testWebSiteFetchKey(self):
     '''Attempt to retrieve key via HTTP GET that is a part of an HTML web page'''
     keyURL = "http://sites.google.com/site/learningregistrytestdata/home/single-public-pgp-key"
     fetchedKeys = util.fetchkeys(keyURL)
     assert len(fetchedKeys) == 1,  "key could not be retrieved from URL"
     
     self.checkKey(fetchedKeys[0], keysource="HTML Web Page sourced key")
示例#5
0
    def testPGPFetchKey(self):
        '''Attempt to retrieve key via HTTP GET from Symantec's PGP keyserver'''
        keyURL = "http://keyserver.pgp.com/vkd/DownloadKey.event?keyid=0xA8A790EA220403B7"
        fetchedKeys = util.fetchkeys(keyURL)
        assert len(fetchedKeys) == 1, "key could not be retrieved from URL"

        self.checkKey(fetchedKeys[0], keysource="PGP sourced key")
示例#6
0
 def testPGPFetchKey(self):
     '''Attempt to retrieve key via HTTP GET from Symantec's PGP keyserver'''
     keyURL = "http://keyserver.pgp.com/vkd/DownloadKey.event?keyid=0xA8A790EA220403B7"
     fetchedKeys = util.fetchkeys(keyURL)
     assert len(fetchedKeys) == 1, "key could not be retrieved from URL"
     
     self.checkKey(fetchedKeys[0], keysource="PGP sourced key")
    def validate_digital_signature(self, doc):
        from LRSignature.verify.Verify import Verify_0_21
        from LRSignature import util
        from LRSignature import errors

        verifytool = Verify_0_21(gpgbin=gpgbin)
        try:
            verified = verifytool.verify(doc)

            assert verified == True, "Signature did not validate for document."
        except errors.MissingPublicKey:

            locations = doc['digital_signature']['key_location']
            numImported = 0
            for location in locations:
                rawKeys = util.fetchkeys(location)
                for rawKey in rawKeys:
                    numImported += util.storekey(self.sampleKey, gpgbin=gpgbin)
                if numImported > 0:
                    break

            assert numImported > 0, "No new public keys were imported, but were needed"

            try:
                verified = verifytool.verify(doc)

                assert verified == True, "Signature did not validate for document."

            except errors.MissingPublicKey:
                raise AssertionError(
                    "No public key available that can be retrieved to validate doc"
                )
示例#8
0
    def testHTTPFetchKey(self):
        '''Attempt to retrieve key via HTTP GET that is a part of a file download request'''
        keyURL = "http://sites.google.com/site/learningregistrytestdata/home/single-public-pgp-key/key0xA8A790EA220403B7.asc?attredirects=0&d=1"
        fetchedKeys = util.fetchkeys(keyURL)
        assert len(fetchedKeys) == 1, "key could not be retrieved from URL"

        self.checkKey(fetchedKeys[0], keysource="HTTP Download sourced key")
示例#9
0
    def testGoogleDocFetchKey(self):
        '''Attempt to retrieve key via HTTP file download via Google Docs'''
        keyURL = "https://docs.google.com/uc?id=0ByJYdR0YE41yNDg2ZTkzYTItNmJjNC00YTgwLTkyYzctZTNiMzAwYzhjYTdh&export=download&hl=en"
        fetchedKeys = util.fetchkeys(keyURL)
        assert len(fetchedKeys) == 1, "key could not be retrieved from URL"

        self.checkKey(fetchedKeys[0], keysource="Google Doc source key")
示例#10
0
    def testWebSiteFetchKey(self):
        '''Attempt to retrieve key via HTTP GET that is a part of an HTML web page'''
        keyURL = "http://sites.google.com/site/learningregistrytestdata/home/single-public-pgp-key"
        fetchedKeys = util.fetchkeys(keyURL)
        assert len(fetchedKeys) == 1, "key could not be retrieved from URL"

        self.checkKey(fetchedKeys[0], keysource="HTML Web Page sourced key")
示例#11
0
    def testSKSFetchKey(self):
        '''Attempt to retrieve key via HTTP GET from SKS keyserver'''
        keyURL = "http://pool.sks-keyservers.net:11371/pks/lookup?op=get&search=0xA8A790EA220403B7"
        fetchedKeys = util.fetchkeys(keyURL)
        assert len(fetchedKeys) == 1, "key could not be retrieved from URL"

        self.checkKey(fetchedKeys[0], keysource="SKS source key")
 def validate_digital_signature(self, doc):
     from LRSignature.verify.Verify import Verify_0_21
     from LRSignature import util
     from LRSignature import errors
     
     verifytool = Verify_0_21(gpgbin=gpgbin)
     try:
         verified = verifytool.verify(doc)
         
         assert verified == True, "Signature did not validate for document."
     except errors.MissingPublicKey:
         
         locations = doc['digital_signature']['key_location']
         numImported = 0
         for location in locations:
             rawKeys = util.fetchkeys(location)
             for rawKey in rawKeys:
                 numImported += util.storekey(self.sampleKey, gpgbin=gpgbin)
             if numImported > 0:
                 break
             
         assert numImported > 0, "No new public keys were imported, but were needed"
         
         try:
             verified = verifytool.verify(doc)
         
             assert verified == True, "Signature did not validate for document."
         
         except errors.MissingPublicKey:
             raise AssertionError("No public key available that can be retrieved to validate doc")
示例#13
0
 def testMultipleFetchKey(self):
     '''Attempt to retrieve multiple keys via HTTP GET that is a part of a file download request'''
     keyURL = "http://sites.google.com/site/learningregistrytestdata/home/multiple-public-pgp-keys"
     fetchedKeys = util.fetchkeys(keyURL)
     assert len(fetchedKeys) == 2, "keys could not be retrieved from URL"
     
     self.checkKey(fetchedKeys[0], keysource="HTTP Download sourced key 1")
     self.checkKey(fetchedKeys[1], keysource="HTTP Download sourced key 2")
示例#14
0
    def testMultipleFetchKey(self):
        '''Attempt to retrieve multiple keys via HTTP GET that is a part of a file download request'''
        keyURL = "http://sites.google.com/site/learningregistrytestdata/home/multiple-public-pgp-keys"
        fetchedKeys = util.fetchkeys(keyURL)
        assert len(fetchedKeys) == 2, "keys could not be retrieved from URL"

        self.checkKey(fetchedKeys[0], keysource="HTTP Download sourced key 1")
        self.checkKey(fetchedKeys[1], keysource="HTTP Download sourced key 2")
示例#15
0
def _import_keys(key_locations):
    num_imported = 0
    for loc in key_locations:
        raw_keys = util.fetchkeys(loc)
        for raw_key in raw_keys:
            num_imported += util.storekey(raw_key,
                                          gpgbin=gpg_location)
        if num_imported > 0:
            return
示例#16
0
    def _validate_digital_signature(self, doc):
        from LRSignature import util
        from LRSignature import errors


        result = {}
        result = {"verified": False}
        if doc.has_key("doc_ID"):
            result["doc_ID"] = doc["doc_ID"]
        if doc.has_key("resource_locator"):
            result["resource_locator"] = doc["resource_locator"]

        try:
            result["verified"] = self.verifytool.verify(doc)

        except errors.MissingPublicKey:

            locations = doc['digital_signature']['key_location']
            numImported = 0
            for location in locations:
                rawKeys = util.fetchkeys(location)
                for rawKey in rawKeys:
                    numImported += util.storekey(self.sampleKey, gpgbin=self.args.gpgbin, gnupgHome=self.args.gnupghome)
                if numImported > 0:
                    break

            try:
                result["verified"] = self.verifytool.verify(doc)


            except errors.MissingPublicKey:
                result["verified"] = False
                result["error"] = "No available public key to validate."

        except errors.BadSignatureFormat as e:
            result["verified"] = False
            result["error"] = e.message

        except errors.UnknownKeyException as e:
            result["verified"] = False
            result["error"] = e.message

        except errors.UnsupportedSignatureAlgorithm as e:
            result["verified"] = False
            result["error"] = e.message

        except Exception as e:
            result["verified"] = False
            result["error"] = e.message

        return result
示例#17
0
    def _validate_digital_signature(self, doc):
        from LRSignature import util
        from LRSignature import errors

        result = {}
        result = {"verified": False}
        if doc.has_key("doc_ID"):
            result["doc_ID"] = doc["doc_ID"]
        if doc.has_key("resource_locator"):
            result["resource_locator"] = doc["resource_locator"]

        try:
            result["verified"] = self.verifytool.verify(doc)

        except errors.MissingPublicKey:

            locations = doc['digital_signature']['key_location']
            numImported = 0
            for location in locations:
                rawKeys = util.fetchkeys(location)
                for rawKey in rawKeys:
                    numImported += util.storekey(self.sampleKey,
                                                 gpgbin=self.args.gpgbin,
                                                 gnupgHome=self.args.gnupghome)
                if numImported > 0:
                    break

            try:
                result["verified"] = self.verifytool.verify(doc)

            except errors.MissingPublicKey:
                result["verified"] = False
                result["error"] = "No available public key to validate."

        except errors.BadSignatureFormat as e:
            result["verified"] = False
            result["error"] = e.message

        except errors.UnknownKeyException as e:
            result["verified"] = False
            result["error"] = e.message

        except errors.UnsupportedSignatureAlgorithm as e:
            result["verified"] = False
            result["error"] = e.message

        except Exception as e:
            result["verified"] = False
            result["error"] = e.message

        return result
示例#18
0
            try:
                v = gpg.verify(document["digital_signature"]["signature"])
                res = gpg.recv_keys(_KEYSERVERS[attempt], v.key_id)
            except Exception, e:
                log.info("Problem with getting keys from keyserver: %s", e)
                pass

            # try again...
            return get_verification_info(document, attempt + 1)
        # ran out of key servers, try locations in envelope.
        elif attempt == len(_KEYSERVERS):
            try:
                for loc in document["digital_signature"]["key_location"]:
                    keys = []
                    try:
                        keys = util.fetchkeys(loc)
                    except Exception, e:
                        log.info("Problem fetching key from location: %s", e)

                    for key in keys:
                        try:
                            util.storekey(key, gpg.gnupghome, gpg.gpgbinary)
                        except Exception, e:
                            log.info(
                                "Problem importing or storing key from location: %s",
                                e)

                # try again...
                return get_verification_info(document, attempt + 1)
            except:
                pass
            try:
                v = gpg.verify(document["digital_signature"]["signature"])
                res = gpg.recv_keys(_KEYSERVERS[attempt], v.key_id)
            except Exception, e:
                log.info("Problem with getting keys from keyserver: %s", e)
                pass

            # try again...
            return get_verification_info(document, attempt+1)
        # ran out of key servers, try locations in envelope.
        elif attempt == len(_KEYSERVERS):
            try:
                for loc in document["digital_signature"]["key_location"]:
                    keys = []
                    try:
                        keys = util.fetchkeys(loc)
                    except Exception, e:
                        log.info("Problem fetching key from location: %s", e)

                    for key in keys:
                        try:
                            util.storekey(key, gpg.gnupghome, gpg.gpgbinary)
                        except Exception, e:
                            log.info("Problem importing or storing key from location: %s", e)

                # try again...
                return get_verification_info(document, attempt+1)
            except:
                pass

    except SignatureException as ex: